On the Silicon Exposed blog, Andrew Zonenberg looks at Apple's announcement that it won't be able to decrypt its phones for law enforcement agencies. Zonenberg argues that "disk encryption isn't as much of a major game-changer as people seem to think."
First off, the changes in iOS 8 are encrypting data on disk. Voice calls, SMS, and Internet packets still cross the carrier's network in cleartext. These companies are legally required (by CALEA in the United States, and similar laws in other countries) to provide a means for law enforcement or intelligence to access this data.
In addition, if Eve can get within radio range of Alice or Bob, she can record the conversation off the air. Although the radio links are normally encrypted, many of these cryptosystems are weak and can be defeated in a reasonable amount of time by cryptanalysis. Numerous methods are available for executing man-in-the-middle attacks between handsets and cell towers, which can further enhance Eve's interception capabilities.
|Stop Watching Us: Rally Against Mass Surveillance|
|"The Internet of Things creates the perfect conditions to bolster and expand the surveillance state."|
|Miniature Mail Server With Privacy at its Core|
|“Many people say they’re resigned to the idea that we’re going to be spied on and there’s nothing we can do about it.”|
|“We’ve received requests to add some artificial noise to the buses so that people can hear them.”|
|“A novel experiment by a government to work with journalists and educators to combat the spread of online misinformation.”|
|“The race is on to create lab-grown meat products.”|
|CaptchaTweet: Write Tweets in Captcha Form|
|The (Very Scary) People of Public Transit|
|How to Avoid Jury Duty|
|“Initial riders may be more comfortable getting into a car with a human in the driver seat.”|
|“Both spacecraft are still operational when they reached interstellar space.”|
|“Make it so. Make it so. Make it so.”|
|“Can you replace the spring of a pogo stick with repelling magnets?”|
|"Free apps make money by selling your personal data."|